Technical Cyber Architect

Ofcom is the regulator for the communications services that we use and rely on each day. We make sure people get the best from their broadband, home phone and mobile services, as well as keeping an eye on TV and radio. Our culture is clear - we live by our values: Empowerment; Excellence; Collaboration; Agility and Respect. These define how we work to deliver our purpose, now and in the future. The behaviours which support these values set the path for a fully inclusive and innovative culture at Ofcom. We focus not only on what we do, but how we do it. We pride ourselves on being an organisation of people who genuinely care about helping others. About the team you'll be part of This role is part of Ofcom's Cyber and Infrastructure team within the ICT department. The team ensures that the technology and security measures are in place to support Ofcom's mission of making communications work for everyone. The position is vital for identifying, protecting against, defending, and recovering from the increasing and evolving cyber threats by applying 'security by design' and 'defence in depth' principles in the planning and evolution of the existing technology landscape. Please note: the team also support an on-call roster for out of hours incident response. The purpose and scope of the role As a Technical Cyber Architect, you will collaborate with a small team to strategically and securely leverage our cyber capabilities against emerging cyber threats. Your role will involve close cooperation with the Security Operations Centre to identify, protect, and remediate cyber vulnerabilities, as well as automate repetitive tasks. Additionally, you will assist other domain architects (Business, Data, and Application) to ensure that technology remains secure and effective. Act as lead in the absence of the principal, ensuring continuity by overseeing and executing all critical tasks and responsibilities for maintaining effective team operations. Your Key Responsibilities

• Design and implement secure, enterprise-scale networks, cloud environments, resources, and end-user solutions.

• Configure and manage Microsoft Sentinel, M365 Defender for Cloud, and Conditional Access in Entra ID to ensure the security of users and data.

• Train colleagues on cybersecurity procedures to ensure adherence to best practices.

• Architect secure cloud-based solutions to deliver effective capabilities to users

• Design, implementation and support of network infrastructure (WAN/LAN/Wi-Fi)

• Maintaining secure systems like ROSA (government secure system)

• Ensuring PCI-DSS compliance for card payments

• Design, creation of Technical Networks for business units

• Utilise Kusto Query Language and advanced hunting techniques to analyse logs for anomalies that may indicate suspicious behaviour.

• Automate repetitive tasks such as log querying and network scanning.

• Conduct red team testing, vulnerability assessments, encryption, intrusion detection, and set up honeypots.

• Collaborate closely with the SOC team to address any incidents and vulnerabilities and act as an escalation point.

• Respond to security incidents and provide remediation steps to prevent and mitigate future breaches.

• Work with other technology teams to address any cybersecurity vulnerabilities. Key technologies, + Executing Plans: Working across organisational boundaries to understand requirements, translate these requirements into technical and security specifications and deliver business outcomes.

• Articulating Ideas: Ability to present technical and security concepts in layman's terms and impart knowledge to key stakeholders and support functions.

• Owning Accountabilities: Working unsupervised, demonstrating flexibility and adaptability Inclusivity Statement Ofcom has a clear mission: to make communications work for everyone. To be able to deliver on this, we want our organisation to reflect the diversity of background, experience, upbringing and thought that exists across the UK. We aim to recruit from the widest pool of candidates possible - no matter your social background, age, ethnicity, sexual orientation, gender, or disability. We also warmly welcome applicants who are returning to the workforce after a break - for whatever reason. If you have taken time away and are ready to rejoin, we look forward to reviewing your application. Where positions are listed as full-time, we remain open to reduced hours, part-time arrangements, job shares, and other flexible working options. From day one, we champion flexible work arrangements to accommodate individual needs. You can read more about our Rewards, Benefits and Well-being on our careers page. Our recruitment processes prioritise accessibility and inclusivity. If you need adjustments, information in an alternative format, or prefer to apply in a different way, please contact us. As a Disability Confident Leader, we offer interviews to disabled applicants who meet essential criteria for advertised roles.

Experience in the following: Azure Portal, Azure Sentinel, Kusto QL, Nessus, Shodan, Cloud App Security, endpoint security, Microsoft Entra ID, Power Automate, Logic Apps, Azure Cloud, Big Data, Cisco Umbrella, SQL, PowerBI, AI, including Azure ML and Microsoft Security Copilot, SCCM, InTune, WDAC, and programming languages such as C++, C#, and Python. The skills, knowledge and experience you'll need for success Technical Knowledge, Skills and Experience:

• Azure Security accredited (SC100 and SC200)
• Security Clearance (SC)
• CISSP
• Certified Ethical Hacker (CEH)
• Prince 2 Foundation or relevant project experience
• GIAC Forensic Examiner, Axiom Forensics or equivalent DFIR certifications
• Network trained to CCNA or equivalent
• IT service management accreditation (e.g. ITIL) or equivalent
• Related professional membership, or working towards BCS, ITP, IET, CISec
• PCI-DSS experience